Microsoft is leaving the option to disable Secure Boot up to OEMs in Windows 10

When Microsoft was preparing Windows 8 several years back, concern arose over the company’s planned use of Secure Boot. When active, Secure Boot checks the cryptographic signature of any program (including operating system bootloaders) against a list of approved keys during the startup process to defend against nasty malware that can load before the OS.

Although Microsoft demanded that OEMs ship PCs with Secure Boot enabled, it ended up not being all that big of a deal because the company also mandated that partners include the ability to disable it.

It’s the same song, different verse for Microsoft as we head towards Windows 10. The key difference this time around which once again has some worried is the fact that the Secure Boot disable switch is now optional for x86 system builders.

All of this, of course, is a moot point if you build your own desktop as motherboard makers would all but have to offer an option to disable it in the UEFI since they won’t know what operating system a customer plans to install.

But for those that buy prebuilt desktops, this means that OEMs will be required to enable Secure Boot and could also ship without the option to disable it. The same could also hold true for notebooks.

It’s still too early to know exactly how this will play out as it’s entirely possible that Microsoft could drop the option by the time the RTM version of Windows 10 ships to OEMs.